Merge pull request #2156 from slingamn/throttle.1

fix login throttle handling
ergochat · May 28, 2024 · 5ee32cd · 5ee32cd
2 parents ca4b9c1 + 218f6f2
commit 5ee32cd
Showing 1 changed file with 6 additions and 7 deletions.
diff --git a/irc/handlers.go b/irc/handlers.go
@@ -207,13 +207,6 @@ func authenticateHandler(server *Server, client *Client, msg ircmsg.Message, rb
 
 	// start new sasl session: parameter is the authentication mechanism
 	if session.sasl.mechanism == "" {
-		throttled, remainingTime := client.loginThrottle.Touch()
-		if throttled {
-			rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(),
-				fmt.Sprintf(client.t("Please wait at least %v and try again"), remainingTime.Round(time.Millisecond)))
-			return false
-		}
-
 		mechanism := strings.ToUpper(msg.Params[0])
 		_, mechanismIsEnabled := EnabledSaslMechanisms[mechanism]
 
@@ -384,6 +377,12 @@ func authScramHandler(server *Server, client *Client, session *Session, value []
 
 	// first message? if so, initialize the SCRAM conversation
 	if session.sasl.scramConv == nil {
+		if throttled, remainingTime := client.checkLoginThrottle(); throttled {
+			rb.Add(nil, server.name, ERR_SASLFAIL, client.Nick(),
+				fmt.Sprintf(client.t("Please wait at least %v and try again"), remainingTime.Round(time.Millisecond)))
+			continueAuth = false
+			return false
+		}
 		session.sasl.scramConv = server.accounts.NewScramConversation()
 	}